Recently, there is a demand for a technique to exclude vulnerability inside a system as much as possible along with an increase of attack cases toward critical infrastructures. A test technique, a so-called fuzz testing (fuzzing), has been used as one of techniques to confirm presence or absence of the vulnerability. The fuzz testing is a technique to perform a test using test data obtained by rewriting each factor (parameter) of normal data based on the normal data which is configured to normally operate a device under test. In addition, it has been known that there is case where correction is performed so as to obtain correct data as the test data (final packet) in addition the rewriting of the factor in order to perform the fuzz testing. For example, when data of CRC32 is included in the test data to be used for the test, it is necessary to perform calculation of CRC32 with respect to the rewritten data and reflect the calculation result.
However, there is a case where it is difficult to suitably perform the test depending on a combination between a rewriting process and a correction process which are configured to perform the fuzz testing. For example, when data of CRC32 is rewritten through the rewriting process and then the rewritten data of CRC32 is corrected through the correction process in the test using the test data including the CRC32, an effect of the rewriting process disappear, and there is a problem that it is difficult to suitably perform the test.